2012 Special Reports Library

In 2009, Chinese hackers began stealing sensitive intellectual property from U.S. oil, gas and petrochemical companies. The attacks were attributed to the Chinese based on recognition of Chinese hacking tools previously identified on underground hacking sites and the attacks apparent origin in Beijing. Termed “Night Dragon,” these attacks included social engineering, spear-phishing attacks, exploitation of Microsoft Windows OS vulnerabilities, Microsoft Active Directory compromises and the use of remote administration tools. McAfee, who identified the attacks, reported that the Night Dragon attacks had been going on for at least two years, possibly as many as four. While Night Dragon was aimed at oil, gas and petrochemical companies, the same trajectory was used in the RSA and Lockheed Martin attacks. During this educational forum, attendees will learn from industry experts:
How and where malicious attacks begin
Why the complexity of corporate computer systems makes it so difficult to tie malicious activity together
The path attacks take within an organization’s infrastructure
What motivates hackers to go to such extraordinary lengths
The role law enforcement plays in investigating and prosecuting malicious hacking
How organizations and government assess the damage of these attacks
How attackers benefit; what their goals and objectives are
Additional measures organizations should engage in to protect their intellectual property
Panelists:
John Caruthers, Supervisory Special Agent, FBI Cyber Division
Kenneth Schmutz, Supervisory Special Agent, FBI Cyber Division
Zach Tudor, Program Director of the Computer Science Lab, SRI International